Lucene search
K

124 matches found

RedHat Linux
RedHat Linux
added 2025/05/15 1:20 p.m.6 views

kernel: vsock: Keep the binding until socket destruction

A flaw was found in the Linux kernel's virtual socket protocol network driver, where an improperly timed socket unbinding could result in a use-after-free issue. This flaw allows an attacker who can create and destroy arbitrary connections on virtual connections to read or modify system memory,...

7.8CVSS7.3AI score0.00844EPSS
Exploits3References5
OpenVAS
OpenVAS
added 2024/12/24 12:0 a.m.11 views

openSUSE Security Advisory (SUSE-SU-2024:4411-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.5AI score0.0104EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2024/11/26 12:0 a.m.15 views

RHEL 8 : kernel (RHSA-2024:10262)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:10262 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: improper input validation may...

7.8CVSS7.1AI score0.0193EPSS
Exploits7References46
Vulnrichment
Vulnrichment
added 2024/11/25 1:8 p.m.18 views

CVE-2024-11403 Out of Bounds Memory Read/Write in libjxl

There exists an out of bounds read/write in LibJXL versions prior to commit 9cc451b91b74ba470fd72bd48c121e9f33d24c99. The JPEG decoder used by the JPEG XL encoder when doing JPEG recompression i.e. if using JxlEncoderAddJPEGFrame on untrusted input does not properly check bounds in the presence o...

6.9CVSS7.1AI score0.0063EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/11/13 3:29 p.m.5 views

OpenEXR: Heap Overflow in Scanline Deep Data Parsing

A vulnerability was found in the Academy Software Foundation OpenEXR and requires that a malicious EXR file image is parsed by the target device or environment using OpenEXR. This issue occurs due to a failure in validating the number of scanline samples of an OpenEXR file containing deep scanlin...

9.1CVSS5.8AI score0.01258EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2024/11/04 12:9 p.m.4 views

OpenEXR: Heap Overflow in Scanline Deep Data Parsing

A vulnerability was found in the Academy Software Foundation OpenEXR and requires that a malicious EXR file image is parsed by the target device or environment using OpenEXR. This issue occurs due to a failure in validating the number of scanline samples of an OpenEXR file containing deep scanlin...

9.1CVSS5.8AI score0.01258EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2024/07/09 12:0 a.m.7 views

PT-2024-36792 · Longse · Longse Model Lbh30Fe200W

Name of the Vulnerable Software and Affected Versions: Longse model LBH30FE200W cameras affected versions not specified Description: The issue allows an attacker in the same local network to access an undocumented binary service CoolView on one of the ports, providing unrestricted access. With...

7.5CVSS6.1AI score0.00612EPSS
Exploits1References8
CNNVD
CNNVD
added 2024/07/09 12:0 a.m.13 views

Longse LBH30FE200W Security Breach

The Longse LBH30FE200W is a wireless webcam from China-based Longse Technology Longse. A security vulnerability exists in the Longse LBH30FE200W that stems from the related product providing an attacker located in the same local network with unrestricted access to an undocumented binary service,...

7.5CVSS6.6AI score0.00612EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.9 views

RHEL 7 : dpdk (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - dpdk: Information exposure in unchecked guest physical to host virtual address translations CVE-2018-1059...

7.5CVSS7.6AI score0.0188EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/12/18 10:0 p.m.17 views

CVE-2023-24590

A format string issue in the Controller 6000's optional diagnostic web interface can be used to write/read from memory, and in some instances crash the Controller 6000 leading to a Denial of Service. This issue affects: Gallagher Controller 6000 8.60 prior to vCR8.60.231116a distributed in...

7.5CVSS8.8AI score0.00606EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2023/12/13 3:36 p.m.3 views

postgresql: Buffer overrun from integer overflow in array modification

A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing...

8.8CVSS7.9AI score0.04322EPSS
Exploits0References6
OSV
OSV
added 2023/12/05 4:15 a.m.3 views

CVE-2023-47304

An issue was discovered in Vonage Box Telephone Adapter VDV23 version VDV21-3.2.11-0.5.1, allows local attackers to bypass UART authentication controls and read/write arbitrary values to the memory of the device...

7.8CVSS5.9AI score0.00286EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2023/12/05 4:15 a.m.3 views

CVE-2023-47304

An issue was discovered in Vonage Box Telephone Adapter VDV23 version VDV21-3.2.11-0.5.1, allows local attackers to bypass UART authentication controls and read/write arbitrary values to the memory of the device...

7.8CVSS7.2AI score0.00286EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/12/05 12:0 a.m.4 views

Vonage Box Telephone Adapter VDV23 Security Vulnerability

Vonage Box Telephone Adapter VDV23 is a telephone adapter from Vonage USA. A security vulnerability exists in the Vonage Box Telephone Adapter VDV23, version VDV21-3.2.11-0.5.1, which originated from a vulnerability that allows a local attacker to bypass UART authentication and read or write...

7.8CVSS7.7AI score0.00286EPSS
Exploits1References1
OSV
OSV
added 2023/08/22 7:16 p.m.1 views

UBUNTU-CVE-2020-19726

An issue was discovered in binutils libbfd.c 2.36 relating to the auxiliary symbol data allows attackers to read or write to system memory or cause a denial of service...

8.8CVSS6.1AI score0.00664EPSS
Exploits1References6
OSV
OSV
added 2023/06/30 12:0 a.m.7 views

UBUNTU-CVE-2023-2163

Incorrect verifier pruning in BPF in Linux Kernel =5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape...

10CVSS6.8AI score0.03546EPSS
Exploits0References13
OSV
OSV
added 2023/06/23 6:15 p.m.4 views

CVE-2023-25518

NVIDIA Jetson contains a vulnerability in CBoot, where the PCIe controller is initialized without IOMMU, which may allow an attacker with physical access to the target device to read and write to arbitrary memory. A successful exploit of this vulnerability may lead to code execution, denial of...

6.8CVSS5.9AI score0.00266EPSS
Exploits0References1
OSV
OSV
added 2023/06/12 5:15 p.m.3 views

CVE-2023-34341

AMI BMC contains a vulnerability in the SPX REST API, where an attacker with the required privileges can read and write to arbitrary locations within the memory context of the IPMI server process, which may lead to code execution, denial of service, information disclosure, or data tampering...

8.8CVSS7.4AI score0.00777EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/06/07 12:0 a.m.45 views

EulerOS Virtualization 2.11.0 : httpd (EulerOS-SA-2023-2123)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool heap memory location...

9.8CVSS7.5AI score0.8377EPSS
Exploits5References7
RedHat Linux
RedHat Linux
added 2023/02/21 9:35 a.m.4 views

httpd: mod_dav: out-of-bounds read/write of zero byte

A flaw was found in the moddav module of httpd. A specially crafted "If:" request header can cause a memory read or write of a single zero byte due to a missing error check, resulting in a Denial of Service...

7.5CVSS7.1AI score0.03546EPSS
Exploits0References5
Rows per page
Query Builder